Set setgid mode bit for /var/lib/ironic

This will allow folders and files created in that folder (i.e for /var/lib/ironic/images/*) to have the same group ID (42422) and hence no permission issues. Related-Bug: #1907272 Change-Id: Ib2ca2ca46ff4efa419b6b9236299e70b39f8639e
2020-12-10 11:43:14 +05:30 · 2020-12-10 11:43:14 +05:30 · d582c097cf
parent 91de0b33b9
commit d582c097cf
2 changed files with 2 additions and 2 deletions
--- a/deployment/ironic/ironic-conductor-container-puppet.yaml
+++ b/deployment/ironic/ironic-conductor-container-puppet.yaml
@ -603,7 +603,7 @@ outputs:
            mode: "{{ item.mode|default(omit) }}"
          with_items:
            - { 'path': /var/log/containers/ironic, 'setype': container_file_t, 'mode': '0750' }
-            - { 'path': /var/lib/ironic, 'setype': container_file_t }
+            - { 'path': /var/lib/ironic, 'setype': container_file_t, 'mode': 'g+s' }
        - name: stat /httpboot
          stat: path=/httpboot
          register: stat_httpboot
--- a/deployment/ironic/ironic-pxe-container-puppet.yaml
+++ b/deployment/ironic/ironic-pxe-container-puppet.yaml
@ -174,6 +174,6 @@ outputs:
            setype: "{{ item.setype }}"
            mode: "{{ item.mode|default(omit) }}"
          with_items:
-            - { 'path': /var/lib/ironic, 'setype': container_file_t }
+            - { 'path': /var/lib/ironic, 'setype': container_file_t, 'mode': 'g+s' }
            - { 'path': /var/log/containers/ironic, 'setype': container_file_t, 'mode': '0750' }
            - { 'path': /var/log/containers/httpd/ironic-pxe, 'setype': container_file_t, 'mode': '0750' }