Kev*_*n C 6 permissions ansible
使用Ansible 2.1.4.0
是否可以sticky bit在1个任务中设置和文件夹权限?
例;
# Shell is used over find module cause symlink breaks and performance
- name: Find directories in /tmp which are not valid
shell: find
/tmp/test -type d
\( ! -user root -o ! -group root -o ! -perm 775 \)
register: find1
- name: Set 775 for found directories
file:
path: "{{ item }}"
owner: root
group: vagrant
mode: 0775
state: directory
with_items: "{{ findPermission1.stdout_lines | default([]) }}"
- name: Find directories in /tmp which have no sticky bit
shell: find
/tmp/test -type d
\! -perm /1000
changed_when: false
register: find2
- name: Set permissions for found directories
file:
path: "{{ item }}"
owner: root
group: vagrant
mode: g+s
state: directory
recurse: no #cause it already found recurse
with_items: "{{ find.stdout_lines | default([]) }}"
现在,我必须有2个不同的任务来设置权限.但是他们互相覆盖.
目标:在一项任务中将权限设置为775和g + s.
Kev*_*n C 10
找到了. http://docs.ansible.com/ansible/file_module.html
- name: Set sticky bit + 775 for directory
file:
path: /tmp/test
owner: root
group: vagrant
mode: u=rwx,g=rwx,o=rx,g+s
state: directory
目标:在一项任务中将权限设置为 775 和 g+s。
- name: Set permissions for found directories
file:
path: "{{ item }}"
owner: root
group: vagrant
mode: 02775
state: directory
recurse: no #cause it already found recurse
with_items: ____
但我不明白你为什么在代码中检查 SUID ( -perm /1000) 并设置 SGID ( g+s)。我也不知道有什么价值find,因为你注册了find1and find2,但是没有find。
我也认为不需要为 find 指定条件,因为 Ansible 模块是幂等/声明性的,并且您希望所有目录都具有相同的权限,因此您可以依赖 Ansible。
| 归档时间: |
|
| 查看次数: |
4841 次 |
| 最近记录: |