From 94bc023390fd34d1a7db4dddb2c92ebe3877b0fb Mon Sep 17 00:00:00 2001 From: Jose Luis Franco Arza Date: Mon, 6 Apr 2020 23:15:44 +0200 Subject: [PATCH] Add mode option when creating persistent directories. Almost every single tripleo service creates a persistent directory. To simplify the creation, a with_items structure was being used. In which many times, the mode option was being set. However, that mode option was not taken into account at the time of creating the file. As a consequence, the directory was being created with its father directory rights, instead of the ones being passed in the template. Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc Closes-Bug: #1871231 --- deployment/aodh/aodh-api-container-puppet.yaml | 1 + deployment/aodh/aodh-evaluator-container-puppet.yaml | 1 + deployment/aodh/aodh-listener-container-puppet.yaml | 1 + deployment/aodh/aodh-notifier-container-puppet.yaml | 1 + .../ceilometer/ceilometer-agent-central-container-puppet.yaml | 1 + .../ceilometer/ceilometer-agent-compute-container-puppet.yaml | 1 + .../ceilometer/ceilometer-agent-ipmi-container-puppet.yaml | 1 + .../ceilometer-agent-notification-container-puppet.yaml | 1 + deployment/cinder/cinder-api-container-puppet.yaml | 1 + deployment/cinder/cinder-common-container-puppet.yaml | 1 + deployment/cinder/cinder-scheduler-container-puppet.yaml | 1 + deployment/database/mysql-container-puppet.yaml | 1 + deployment/database/mysql-pacemaker-puppet.yaml | 1 + deployment/database/redis-container-puppet.yaml | 2 ++ deployment/database/redis-pacemaker-puppet.yaml | 1 + deployment/deprecated/sahara/sahara-api-container-puppet.yaml | 1 + .../deprecated/sahara/sahara-engine-container-puppet.yaml | 1 + .../experimental/designate/designate-api-container-puppet.yaml | 1 + .../designate/designate-central-container-puppet.yaml | 1 + .../experimental/designate/designate-mdns-container-puppet.yaml | 1 + .../designate/designate-producer-container-puppet.yaml | 1 + .../experimental/designate/designate-sink-container-puppet.yaml | 1 + .../designate/designate-worker-container-puppet.yaml | 1 + deployment/gnocchi/gnocchi-api-container-puppet.yaml | 1 + deployment/gnocchi/gnocchi-metricd-container-puppet.yaml | 1 + deployment/gnocchi/gnocchi-statsd-container-puppet.yaml | 1 + deployment/haproxy/haproxy-container-puppet.yaml | 1 + deployment/haproxy/haproxy-pacemaker-puppet.yaml | 1 + deployment/horizon/horizon-container-puppet.yaml | 1 + deployment/ironic/ironic-api-container-puppet.yaml | 1 + deployment/ironic/ironic-conductor-container-puppet.yaml | 1 + deployment/ironic/ironic-inspector-container-puppet.yaml | 2 ++ deployment/ironic/ironic-pxe-container-puppet.yaml | 1 + deployment/keepalived/keepalived-container-puppet.yaml | 1 + deployment/logging/files/barbican-api.yaml | 1 + deployment/logging/files/glance-api.yaml | 1 + deployment/logging/files/heat-api-cfn.yaml | 1 + deployment/logging/files/heat-api.yaml | 1 + deployment/logging/files/heat-engine.yaml | 1 + deployment/logging/files/keystone.yaml | 1 + deployment/logging/files/neutron-api.yaml | 1 + deployment/logging/files/neutron-common.yaml | 1 + deployment/logging/files/nova-api.yaml | 1 + deployment/logging/files/nova-common.yaml | 1 + deployment/logging/files/nova-libvirt.yaml | 1 + deployment/logging/files/nova-metadata.yaml | 1 + deployment/logging/files/placement-api.yaml | 1 + deployment/manila/manila-api-container-puppet.yaml | 1 + deployment/manila/manila-scheduler-container-puppet.yaml | 1 + deployment/manila/manila-share-container-puppet.yaml | 1 + deployment/manila/manila-share-pacemaker-puppet.yaml | 1 + deployment/messaging/rpc-qdrouterd-container-puppet.yaml | 1 + deployment/metrics/collectd-container-puppet.yaml | 1 + deployment/metrics/qdr-container-puppet.yaml | 1 + deployment/mistral/mistral-api-container-puppet.yaml | 1 + deployment/mistral/mistral-engine-container-puppet.yaml | 1 + deployment/mistral/mistral-event-engine-container-puppet.yaml | 1 + deployment/mistral/mistral-executor-container-puppet.yaml | 1 + deployment/nova/nova-ironic-container-puppet.yaml | 1 + deployment/nova/novajoin-container-puppet.yaml | 1 + deployment/octavia/octavia-api-container-puppet.yaml | 1 + deployment/octavia/octavia-health-manager-container-puppet.yaml | 1 + deployment/octavia/octavia-housekeeping-container-puppet.yaml | 1 + deployment/octavia/octavia-worker-container-puppet.yaml | 1 + deployment/ovn/ovn-controller-container-puppet.yaml | 1 + deployment/ovn/ovn-dbs-container-puppet.yaml | 1 + deployment/ovn/ovn-dbs-pacemaker-puppet.yaml | 1 + deployment/qdr/qdrouterd-container-puppet.yaml | 1 + deployment/rabbitmq/rabbitmq-container-puppet.yaml | 1 + .../rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml | 1 + .../rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml | 1 + deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml | 1 + .../rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml | 1 + .../rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml | 1 + deployment/swift/swift-proxy-container-puppet.yaml | 1 + deployment/swift/swift-storage-container-puppet.yaml | 1 + deployment/undercloud/tempest-container-puppet.yaml | 1 + deployment/zaqar/zaqar-container-puppet.yaml | 1 + 78 files changed, 80 insertions(+) diff --git a/deployment/aodh/aodh-api-container-puppet.yaml b/deployment/aodh/aodh-api-container-puppet.yaml index f4f949b678..55eb44c623 100644 --- a/deployment/aodh/aodh-api-container-puppet.yaml +++ b/deployment/aodh/aodh-api-container-puppet.yaml @@ -245,6 +245,7 @@ outputs: path: "{{ item.path }}" setype: "{{ item.setype }}" state: directory + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/aodh, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/aodh-api, setype: container_file_t, 'mode': '0750' } diff --git a/deployment/aodh/aodh-evaluator-container-puppet.yaml b/deployment/aodh/aodh-evaluator-container-puppet.yaml index 80f07413d1..e7e6eea235 100644 --- a/deployment/aodh/aodh-evaluator-container-puppet.yaml +++ b/deployment/aodh/aodh-evaluator-container-puppet.yaml @@ -113,6 +113,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/aodh, 'setype': container_file_t, 'mode': '0750' } external_upgrade_tasks: diff --git a/deployment/aodh/aodh-listener-container-puppet.yaml b/deployment/aodh/aodh-listener-container-puppet.yaml index a418b4c284..b6c656f83f 100644 --- a/deployment/aodh/aodh-listener-container-puppet.yaml +++ b/deployment/aodh/aodh-listener-container-puppet.yaml @@ -113,6 +113,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/aodh, 'setype': container_file_t, 'mode': '0750' } external_upgrade_tasks: diff --git a/deployment/aodh/aodh-notifier-container-puppet.yaml b/deployment/aodh/aodh-notifier-container-puppet.yaml index 7936fa8a13..49e7a912ff 100644 --- a/deployment/aodh/aodh-notifier-container-puppet.yaml +++ b/deployment/aodh/aodh-notifier-container-puppet.yaml @@ -113,6 +113,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/aodh, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/aodh, 'setype': container_file_t } diff --git a/deployment/ceilometer/ceilometer-agent-central-container-puppet.yaml b/deployment/ceilometer/ceilometer-agent-central-container-puppet.yaml index 90d3ccd622..9c6d4d549a 100644 --- a/deployment/ceilometer/ceilometer-agent-central-container-puppet.yaml +++ b/deployment/ceilometer/ceilometer-agent-central-container-puppet.yaml @@ -171,6 +171,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/ceilometer, 'setype': container_file_t, 'mode': '0750' } external_upgrade_tasks: diff --git a/deployment/ceilometer/ceilometer-agent-compute-container-puppet.yaml b/deployment/ceilometer/ceilometer-agent-compute-container-puppet.yaml index 3fa0913326..b4cb9da15c 100644 --- a/deployment/ceilometer/ceilometer-agent-compute-container-puppet.yaml +++ b/deployment/ceilometer/ceilometer-agent-compute-container-puppet.yaml @@ -118,6 +118,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/ceilometer, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/ceilometer/ceilometer-agent-ipmi-container-puppet.yaml b/deployment/ceilometer/ceilometer-agent-ipmi-container-puppet.yaml index cba97ff264..ab7a62cfe2 100644 --- a/deployment/ceilometer/ceilometer-agent-ipmi-container-puppet.yaml +++ b/deployment/ceilometer/ceilometer-agent-ipmi-container-puppet.yaml @@ -136,6 +136,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/ceilometer, 'setype': container_file_t, 'mode': '0750' } fast_forward_upgrade_tasks: diff --git a/deployment/ceilometer/ceilometer-agent-notification-container-puppet.yaml b/deployment/ceilometer/ceilometer-agent-notification-container-puppet.yaml index c2679fc496..f208ce9bab 100644 --- a/deployment/ceilometer/ceilometer-agent-notification-container-puppet.yaml +++ b/deployment/ceilometer/ceilometer-agent-notification-container-puppet.yaml @@ -203,6 +203,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/ceilometer, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/cinder/cinder-api-container-puppet.yaml b/deployment/cinder/cinder-api-container-puppet.yaml index df6ed055e8..50c07bbb6a 100644 --- a/deployment/cinder/cinder-api-container-puppet.yaml +++ b/deployment/cinder/cinder-api-container-puppet.yaml @@ -371,6 +371,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/cinder, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/cinder-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/cinder/cinder-common-container-puppet.yaml b/deployment/cinder/cinder-common-container-puppet.yaml index 8e3ebc1123..f98d798c90 100644 --- a/deployment/cinder/cinder-common-container-puppet.yaml +++ b/deployment/cinder/cinder-common-container-puppet.yaml @@ -71,6 +71,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/cinder, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/cinder, 'setype': container_file_t } diff --git a/deployment/cinder/cinder-scheduler-container-puppet.yaml b/deployment/cinder/cinder-scheduler-container-puppet.yaml index 73b01aea24..0949f0d9d6 100644 --- a/deployment/cinder/cinder-scheduler-container-puppet.yaml +++ b/deployment/cinder/cinder-scheduler-container-puppet.yaml @@ -134,6 +134,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/cinder, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/database/mysql-container-puppet.yaml b/deployment/database/mysql-container-puppet.yaml index 5fd5b6b68d..ed2c48a7f8 100644 --- a/deployment/database/mysql-container-puppet.yaml +++ b/deployment/database/mysql-container-puppet.yaml @@ -249,6 +249,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - {'path': /var/log/containers/mysql, 'setype': 'container_file_t', 'mode': '0750'} - {'path': /var/lib/mysql, 'setype': 'container_file_t'} diff --git a/deployment/database/mysql-pacemaker-puppet.yaml b/deployment/database/mysql-pacemaker-puppet.yaml index 5e0787bcc3..2279230793 100644 --- a/deployment/database/mysql-pacemaker-puppet.yaml +++ b/deployment/database/mysql-pacemaker-puppet.yaml @@ -313,6 +313,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - {'path': /var/log/containers/mysql, 'setype': 'container_file_t', 'mode': '0750'} - {'path': /var/lib/mysql, 'setype': 'container_file_t'} diff --git a/deployment/database/redis-container-puppet.yaml b/deployment/database/redis-container-puppet.yaml index 03fedf21ac..4b7eebce73 100644 --- a/deployment/database/redis-container-puppet.yaml +++ b/deployment/database/redis-container-puppet.yaml @@ -218,6 +218,8 @@ outputs: file: path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/redis, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/run/redis, 'setype': container_file_t } diff --git a/deployment/database/redis-pacemaker-puppet.yaml b/deployment/database/redis-pacemaker-puppet.yaml index 6d4ddd3fce..7fe3d82f01 100644 --- a/deployment/database/redis-pacemaker-puppet.yaml +++ b/deployment/database/redis-pacemaker-puppet.yaml @@ -288,6 +288,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/lib/redis, 'setype': container_file_t } - { 'path': /var/log/containers/redis, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/deprecated/sahara/sahara-api-container-puppet.yaml b/deployment/deprecated/sahara/sahara-api-container-puppet.yaml index 4f83ed4a1f..bef14d6f71 100644 --- a/deployment/deprecated/sahara/sahara-api-container-puppet.yaml +++ b/deployment/deprecated/sahara/sahara-api-container-puppet.yaml @@ -209,6 +209,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/sahara, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/sahara, 'setype': container_file_t } diff --git a/deployment/deprecated/sahara/sahara-engine-container-puppet.yaml b/deployment/deprecated/sahara/sahara-engine-container-puppet.yaml index 0533c873a5..95eb77d67a 100644 --- a/deployment/deprecated/sahara/sahara-engine-container-puppet.yaml +++ b/deployment/deprecated/sahara/sahara-engine-container-puppet.yaml @@ -126,6 +126,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/sahara, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/sahara, 'setype': container_file_t } diff --git a/deployment/experimental/designate/designate-api-container-puppet.yaml b/deployment/experimental/designate/designate-api-container-puppet.yaml index 58aa03f7d7..ec2e17b98d 100644 --- a/deployment/experimental/designate/designate-api-container-puppet.yaml +++ b/deployment/experimental/designate/designate-api-container-puppet.yaml @@ -164,5 +164,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/experimental/designate/designate-central-container-puppet.yaml b/deployment/experimental/designate/designate-central-container-puppet.yaml index cdf3a39d91..78f2da36c8 100644 --- a/deployment/experimental/designate/designate-central-container-puppet.yaml +++ b/deployment/experimental/designate/designate-central-container-puppet.yaml @@ -217,5 +217,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/experimental/designate/designate-mdns-container-puppet.yaml b/deployment/experimental/designate/designate-mdns-container-puppet.yaml index cf5b192d1f..214d339964 100644 --- a/deployment/experimental/designate/designate-mdns-container-puppet.yaml +++ b/deployment/experimental/designate/designate-mdns-container-puppet.yaml @@ -174,6 +174,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/designate, 'setype': container_file_t } - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/experimental/designate/designate-producer-container-puppet.yaml b/deployment/experimental/designate/designate-producer-container-puppet.yaml index 2ed2736314..5843d8151a 100644 --- a/deployment/experimental/designate/designate-producer-container-puppet.yaml +++ b/deployment/experimental/designate/designate-producer-container-puppet.yaml @@ -132,5 +132,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/experimental/designate/designate-sink-container-puppet.yaml b/deployment/experimental/designate/designate-sink-container-puppet.yaml index addbd1cb89..95b3c7a44e 100644 --- a/deployment/experimental/designate/designate-sink-container-puppet.yaml +++ b/deployment/experimental/designate/designate-sink-container-puppet.yaml @@ -124,5 +124,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/experimental/designate/designate-worker-container-puppet.yaml b/deployment/experimental/designate/designate-worker-container-puppet.yaml index 45cf20930a..8f3eb12107 100644 --- a/deployment/experimental/designate/designate-worker-container-puppet.yaml +++ b/deployment/experimental/designate/designate-worker-container-puppet.yaml @@ -225,6 +225,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' } - name: create persistent named directory diff --git a/deployment/gnocchi/gnocchi-api-container-puppet.yaml b/deployment/gnocchi/gnocchi-api-container-puppet.yaml index d5888f7b2f..1cf07adfa5 100644 --- a/deployment/gnocchi/gnocchi-api-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-api-container-puppet.yaml @@ -363,6 +363,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/gnocchi, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/gnocchi-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml b/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml index dc65ca4f4b..8b565c5eef 100644 --- a/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml @@ -158,6 +158,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/gnocchi, 'setype': container_file_t, 'mode': '0750' } - name: create persistent data directory diff --git a/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml b/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml index aea007a925..0c16710a56 100644 --- a/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml @@ -150,6 +150,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/gnocchi, 'setype': container_file_t, 'mode': '0750' } - name: create persistent data directory diff --git a/deployment/haproxy/haproxy-container-puppet.yaml b/deployment/haproxy/haproxy-container-puppet.yaml index eb513f73ee..e008a5a167 100644 --- a/deployment/haproxy/haproxy-container-puppet.yaml +++ b/deployment/haproxy/haproxy-container-puppet.yaml @@ -369,6 +369,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/haproxy, 'setype': var_log_t, 'mode': '0750' } - { 'path': /var/lib/haproxy, 'setype': container_file_t } diff --git a/deployment/haproxy/haproxy-pacemaker-puppet.yaml b/deployment/haproxy/haproxy-pacemaker-puppet.yaml index e141a78777..84036d06eb 100644 --- a/deployment/haproxy/haproxy-pacemaker-puppet.yaml +++ b/deployment/haproxy/haproxy-pacemaker-puppet.yaml @@ -304,6 +304,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/haproxy, 'setype': var_log_t, 'mode': '0750' } - { 'path': /var/lib/haproxy, 'setype': container_file_t } diff --git a/deployment/horizon/horizon-container-puppet.yaml b/deployment/horizon/horizon-container-puppet.yaml index 24b0e0ad19..2e06b2c4b0 100644 --- a/deployment/horizon/horizon-container-puppet.yaml +++ b/deployment/horizon/horizon-container-puppet.yaml @@ -324,6 +324,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/horizon, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/horizon, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/ironic/ironic-api-container-puppet.yaml b/deployment/ironic/ironic-api-container-puppet.yaml index a010ee6a86..e546631865 100644 --- a/deployment/ironic/ironic-api-container-puppet.yaml +++ b/deployment/ironic/ironic-api-container-puppet.yaml @@ -278,6 +278,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/ironic, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/ironic-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/ironic/ironic-conductor-container-puppet.yaml b/deployment/ironic/ironic-conductor-container-puppet.yaml index 0fe775c46c..78a7a2506d 100644 --- a/deployment/ironic/ironic-conductor-container-puppet.yaml +++ b/deployment/ironic/ironic-conductor-container-puppet.yaml @@ -564,6 +564,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/ironic, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/ironic, 'setype': container_file_t } diff --git a/deployment/ironic/ironic-inspector-container-puppet.yaml b/deployment/ironic/ironic-inspector-container-puppet.yaml index 291c51fd55..ad11d61203 100644 --- a/deployment/ironic/ironic-inspector-container-puppet.yaml +++ b/deployment/ironic/ironic-inspector-container-puppet.yaml @@ -490,8 +490,10 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/ironic-inspector, 'setype': container_file_t, 'mode': '0750' } + - { 'path': /var/lib/ironic-inspector/dhcp-hostsdir, 'setype': container_file_t } - name: create persistent ironic-inspector dnsmasq dhcp hostsdir file: path: /var/lib/ironic-inspector/dhcp-hostsdir diff --git a/deployment/ironic/ironic-pxe-container-puppet.yaml b/deployment/ironic/ironic-pxe-container-puppet.yaml index ca4d3ba2d4..1cf23f8f66 100644 --- a/deployment/ironic/ironic-pxe-container-puppet.yaml +++ b/deployment/ironic/ironic-pxe-container-puppet.yaml @@ -165,6 +165,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/lib/ironic, 'setype': container_file_t } - { 'path': /var/log/containers/ironic, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/keepalived/keepalived-container-puppet.yaml b/deployment/keepalived/keepalived-container-puppet.yaml index 7cfc6f5c88..1fb54baddb 100644 --- a/deployment/keepalived/keepalived-container-puppet.yaml +++ b/deployment/keepalived/keepalived-container-puppet.yaml @@ -151,5 +151,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/keepalived, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/barbican-api.yaml b/deployment/logging/files/barbican-api.yaml index 8f2e422d5d..88e1c3a732 100644 --- a/deployment/logging/files/barbican-api.yaml +++ b/deployment/logging/files/barbican-api.yaml @@ -38,6 +38,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/barbican, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/barbican-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/glance-api.yaml b/deployment/logging/files/glance-api.yaml index ee0eda4bd8..2ba4ee2abf 100644 --- a/deployment/logging/files/glance-api.yaml +++ b/deployment/logging/files/glance-api.yaml @@ -37,6 +37,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/glance, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/glance, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/heat-api-cfn.yaml b/deployment/logging/files/heat-api-cfn.yaml index 2d570bafc9..75825c3be5 100644 --- a/deployment/logging/files/heat-api-cfn.yaml +++ b/deployment/logging/files/heat-api-cfn.yaml @@ -24,6 +24,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/heat, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/heat-api-cfn, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/heat-api.yaml b/deployment/logging/files/heat-api.yaml index fc7cd9d960..e3c3cf1af7 100644 --- a/deployment/logging/files/heat-api.yaml +++ b/deployment/logging/files/heat-api.yaml @@ -24,6 +24,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/heat, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/heat-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/heat-engine.yaml b/deployment/logging/files/heat-engine.yaml index 05448d3a1a..bd34533ae9 100644 --- a/deployment/logging/files/heat-engine.yaml +++ b/deployment/logging/files/heat-engine.yaml @@ -39,5 +39,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/heat, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/keystone.yaml b/deployment/logging/files/keystone.yaml index 1fd988ceb0..8be9770dc1 100644 --- a/deployment/logging/files/keystone.yaml +++ b/deployment/logging/files/keystone.yaml @@ -39,6 +39,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/keystone, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/keystone, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/neutron-api.yaml b/deployment/logging/files/neutron-api.yaml index 722c3cba96..d14df545c4 100644 --- a/deployment/logging/files/neutron-api.yaml +++ b/deployment/logging/files/neutron-api.yaml @@ -47,6 +47,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/neutron, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/neutron-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/neutron-common.yaml b/deployment/logging/files/neutron-common.yaml index c6a18cac9b..437ffa0f3e 100644 --- a/deployment/logging/files/neutron-common.yaml +++ b/deployment/logging/files/neutron-common.yaml @@ -35,5 +35,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/neutron, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/nova-api.yaml b/deployment/logging/files/nova-api.yaml index 3fd7396247..716d436b55 100644 --- a/deployment/logging/files/nova-api.yaml +++ b/deployment/logging/files/nova-api.yaml @@ -47,6 +47,7 @@ outputs: path: "{{ item.path }}" setype: "{{ item.setype }}" state: directory + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/nova, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/nova-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/nova-common.yaml b/deployment/logging/files/nova-common.yaml index 6a4a1219e4..2901e8b5aa 100644 --- a/deployment/logging/files/nova-common.yaml +++ b/deployment/logging/files/nova-common.yaml @@ -67,5 +67,6 @@ outputs: path: "{{ item.path }}" setype: "{{ item.setype }}" state: directory + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/nova, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/nova-libvirt.yaml b/deployment/logging/files/nova-libvirt.yaml index 099fd4eb94..03f8b13563 100644 --- a/deployment/logging/files/nova-libvirt.yaml +++ b/deployment/logging/files/nova-libvirt.yaml @@ -50,5 +50,6 @@ outputs: path: "{{ item.path }}" setype: "{{ item.setype }}" state: directory + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/libvirt, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/nova-metadata.yaml b/deployment/logging/files/nova-metadata.yaml index 958625133c..b5d58baf0d 100644 --- a/deployment/logging/files/nova-metadata.yaml +++ b/deployment/logging/files/nova-metadata.yaml @@ -36,6 +36,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/nova, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/nova-metadata, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/logging/files/placement-api.yaml b/deployment/logging/files/placement-api.yaml index 7c55076a91..3143adfc7b 100644 --- a/deployment/logging/files/placement-api.yaml +++ b/deployment/logging/files/placement-api.yaml @@ -36,6 +36,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/placement, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/placement, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/manila/manila-api-container-puppet.yaml b/deployment/manila/manila-api-container-puppet.yaml index 371d46cc66..e252fb42cd 100644 --- a/deployment/manila/manila-api-container-puppet.yaml +++ b/deployment/manila/manila-api-container-puppet.yaml @@ -250,6 +250,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/manila, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/manila-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/manila/manila-scheduler-container-puppet.yaml b/deployment/manila/manila-scheduler-container-puppet.yaml index a16d37132c..ab1f400a91 100644 --- a/deployment/manila/manila-scheduler-container-puppet.yaml +++ b/deployment/manila/manila-scheduler-container-puppet.yaml @@ -108,6 +108,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/manila, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/manila/manila-share-container-puppet.yaml b/deployment/manila/manila-share-container-puppet.yaml index dbf3f450e8..1a269445fa 100644 --- a/deployment/manila/manila-share-container-puppet.yaml +++ b/deployment/manila/manila-share-container-puppet.yaml @@ -163,6 +163,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/manila, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/manila, 'setype': container_file_t } diff --git a/deployment/manila/manila-share-pacemaker-puppet.yaml b/deployment/manila/manila-share-pacemaker-puppet.yaml index 43917a9e8b..3f2c6b3c00 100644 --- a/deployment/manila/manila-share-pacemaker-puppet.yaml +++ b/deployment/manila/manila-share-pacemaker-puppet.yaml @@ -200,6 +200,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/manila, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/manila, 'setype': container_file_t } diff --git a/deployment/messaging/rpc-qdrouterd-container-puppet.yaml b/deployment/messaging/rpc-qdrouterd-container-puppet.yaml index d8612d03ad..a069a660b6 100644 --- a/deployment/messaging/rpc-qdrouterd-container-puppet.yaml +++ b/deployment/messaging/rpc-qdrouterd-container-puppet.yaml @@ -148,6 +148,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/qdrouterd, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/qdrouterd, 'setype': container_file_t } diff --git a/deployment/metrics/collectd-container-puppet.yaml b/deployment/metrics/collectd-container-puppet.yaml index c15b22d7b6..40ebd8ebca 100644 --- a/deployment/metrics/collectd-container-puppet.yaml +++ b/deployment/metrics/collectd-container-puppet.yaml @@ -730,6 +730,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/collectd, 'setype': container_file_t, 'mode': '0750' } fast_forward_upgrade_tasks: diff --git a/deployment/metrics/qdr-container-puppet.yaml b/deployment/metrics/qdr-container-puppet.yaml index c66346931c..e3bef9edfc 100644 --- a/deployment/metrics/qdr-container-puppet.yaml +++ b/deployment/metrics/qdr-container-puppet.yaml @@ -347,6 +347,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/metrics-qdr, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/metrics-qdr, 'setype': container_file_t } diff --git a/deployment/mistral/mistral-api-container-puppet.yaml b/deployment/mistral/mistral-api-container-puppet.yaml index 71b5f43afb..52d3955e94 100644 --- a/deployment/mistral/mistral-api-container-puppet.yaml +++ b/deployment/mistral/mistral-api-container-puppet.yaml @@ -248,6 +248,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/mistral, 'setype': container_file_t, 'mode': '0750' } deploy_steps_tasks: diff --git a/deployment/mistral/mistral-engine-container-puppet.yaml b/deployment/mistral/mistral-engine-container-puppet.yaml index ddc3a80b2e..83af0bc1f0 100644 --- a/deployment/mistral/mistral-engine-container-puppet.yaml +++ b/deployment/mistral/mistral-engine-container-puppet.yaml @@ -136,6 +136,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/mistral, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/mistral/mistral-event-engine-container-puppet.yaml b/deployment/mistral/mistral-event-engine-container-puppet.yaml index 2f50ebc832..0f0dd889a6 100644 --- a/deployment/mistral/mistral-event-engine-container-puppet.yaml +++ b/deployment/mistral/mistral-event-engine-container-puppet.yaml @@ -111,6 +111,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/mistral, 'setype': container_file_t, 'mode': '0750' } - name: enable virt_sandbox_use_netlink for healthcheck diff --git a/deployment/mistral/mistral-executor-container-puppet.yaml b/deployment/mistral/mistral-executor-container-puppet.yaml index f7961ace8b..1eba8dc866 100644 --- a/deployment/mistral/mistral-executor-container-puppet.yaml +++ b/deployment/mistral/mistral-executor-container-puppet.yaml @@ -217,6 +217,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/mistral, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/mistral, 'setype': container_file_t } diff --git a/deployment/nova/nova-ironic-container-puppet.yaml b/deployment/nova/nova-ironic-container-puppet.yaml index 308cc0e8c8..2d404774e5 100644 --- a/deployment/nova/nova-ironic-container-puppet.yaml +++ b/deployment/nova/nova-ironic-container-puppet.yaml @@ -213,6 +213,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/nova, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/nova, 'setype': container_file_t } diff --git a/deployment/nova/novajoin-container-puppet.yaml b/deployment/nova/novajoin-container-puppet.yaml index e32f9ab443..7878105012 100644 --- a/deployment/nova/novajoin-container-puppet.yaml +++ b/deployment/nova/novajoin-container-puppet.yaml @@ -245,6 +245,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/novajoin, 'setype': container_file_t, 'mode': '0750' } - name: Enroll to FreeIPA diff --git a/deployment/octavia/octavia-api-container-puppet.yaml b/deployment/octavia/octavia-api-container-puppet.yaml index bb8b8fea34..b574403c04 100644 --- a/deployment/octavia/octavia-api-container-puppet.yaml +++ b/deployment/octavia/octavia-api-container-puppet.yaml @@ -380,6 +380,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/octavia-api, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/octavia/octavia-health-manager-container-puppet.yaml b/deployment/octavia/octavia-health-manager-container-puppet.yaml index 4790780dee..cd3118342e 100644 --- a/deployment/octavia/octavia-health-manager-container-puppet.yaml +++ b/deployment/octavia/octavia-health-manager-container-puppet.yaml @@ -154,5 +154,6 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/octavia/octavia-housekeeping-container-puppet.yaml b/deployment/octavia/octavia-housekeeping-container-puppet.yaml index 269f1f9a3f..e171847018 100644 --- a/deployment/octavia/octavia-housekeeping-container-puppet.yaml +++ b/deployment/octavia/octavia-housekeeping-container-puppet.yaml @@ -153,6 +153,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' } upgrade_tasks: [] diff --git a/deployment/octavia/octavia-worker-container-puppet.yaml b/deployment/octavia/octavia-worker-container-puppet.yaml index 59c5be278f..a4b2520c3b 100644 --- a/deployment/octavia/octavia-worker-container-puppet.yaml +++ b/deployment/octavia/octavia-worker-container-puppet.yaml @@ -140,6 +140,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' } - block: diff --git a/deployment/ovn/ovn-controller-container-puppet.yaml b/deployment/ovn/ovn-controller-container-puppet.yaml index 72bc5721e5..918a2d9ea5 100644 --- a/deployment/ovn/ovn-controller-container-puppet.yaml +++ b/deployment/ovn/ovn-controller-container-puppet.yaml @@ -285,6 +285,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/openvswitch, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/openvswitch/ovn, 'setype': container_file_t } diff --git a/deployment/ovn/ovn-dbs-container-puppet.yaml b/deployment/ovn/ovn-dbs-container-puppet.yaml index eb4a99d5c7..bfe3244ebb 100644 --- a/deployment/ovn/ovn-dbs-container-puppet.yaml +++ b/deployment/ovn/ovn-dbs-container-puppet.yaml @@ -201,6 +201,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/openvswitch, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/openvswitch/ovn, 'setype': container_file_t } diff --git a/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml b/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml index e18aa97ccb..925ade8e0c 100644 --- a/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml +++ b/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml @@ -271,6 +271,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/openvswitch, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/openvswitch/ovn, 'setype': container_file_t } diff --git a/deployment/qdr/qdrouterd-container-puppet.yaml b/deployment/qdr/qdrouterd-container-puppet.yaml index 538aa1cfd3..59a5732abf 100644 --- a/deployment/qdr/qdrouterd-container-puppet.yaml +++ b/deployment/qdr/qdrouterd-container-puppet.yaml @@ -138,6 +138,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/qdrouterd, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/qdrouterd, 'setype': container_file_t } diff --git a/deployment/rabbitmq/rabbitmq-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-container-puppet.yaml index e21c9db642..c21e5c6aa6 100644 --- a/deployment/rabbitmq/rabbitmq-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-container-puppet.yaml @@ -339,6 +339,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } diff --git a/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml index 19166d79ee..7944dc7f88 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml @@ -285,6 +285,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } diff --git a/deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml index ffd0adbe3a..c9740c7dcb 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml @@ -245,6 +245,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml index 8ec07c117f..bf88cf1dae 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml @@ -245,6 +245,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml index 53e35d7d67..ee6ad51a29 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml @@ -285,6 +285,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } diff --git a/deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml index 82cc93569f..da37fb5531 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml @@ -253,6 +253,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/lib/rabbitmq, 'setype': container_file_t } - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' } diff --git a/deployment/swift/swift-proxy-container-puppet.yaml b/deployment/swift/swift-proxy-container-puppet.yaml index c4c7bdf9b9..5904bd3ba2 100644 --- a/deployment/swift/swift-proxy-container-puppet.yaml +++ b/deployment/swift/swift-proxy-container-puppet.yaml @@ -434,6 +434,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /srv/node, 'setype': container_file_t } - { 'path': /var/log/swift, 'setype': container_file_t } diff --git a/deployment/swift/swift-storage-container-puppet.yaml b/deployment/swift/swift-storage-container-puppet.yaml index 86c13a5b25..d8c9196578 100644 --- a/deployment/swift/swift-storage-container-puppet.yaml +++ b/deployment/swift/swift-storage-container-puppet.yaml @@ -597,6 +597,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /srv/node, 'setype': container_file_t } - { 'path': /var/cache/swift, 'setype': container_file_t } diff --git a/deployment/undercloud/tempest-container-puppet.yaml b/deployment/undercloud/tempest-container-puppet.yaml index f42a7796a3..e3ec85dbc7 100644 --- a/deployment/undercloud/tempest-container-puppet.yaml +++ b/deployment/undercloud/tempest-container-puppet.yaml @@ -58,6 +58,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode|default(omit) }}" with_items: - { 'path': /var/log/containers/tempest, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/lib/tempestdata, 'setype': container_file_t } diff --git a/deployment/zaqar/zaqar-container-puppet.yaml b/deployment/zaqar/zaqar-container-puppet.yaml index c15bf9d5d6..dd1ef9ac10 100644 --- a/deployment/zaqar/zaqar-container-puppet.yaml +++ b/deployment/zaqar/zaqar-container-puppet.yaml @@ -384,6 +384,7 @@ outputs: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" + mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/zaqar, 'setype': container_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/zaqar, 'setype': container_file_t, 'mode': '0750' }