mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Fix templates for non root sudo_user
When using template module, if a restrictive umask is set, the sudo_user won't be able to read the /tmp/ansible-dir/source file after it is copied across following _transfer_str I wonder if this behaviour shouldn't be abstracted somehow (as this correction also happens after put_file in the copy module too)
This commit is contained in:
parent
022b2290bb
commit
f456d999a9
1 changed files with 4 additions and 1 deletions
|
@ -70,7 +70,10 @@ class ActionModule(object):
|
||||||
return ReturnData(conn=conn, comm_ok=False, result=result)
|
return ReturnData(conn=conn, comm_ok=False, result=result)
|
||||||
|
|
||||||
xfered = self.runner._transfer_str(conn, tmp, 'source', resultant)
|
xfered = self.runner._transfer_str(conn, tmp, 'source', resultant)
|
||||||
|
# fix file permissions when the copy is done as a different user
|
||||||
|
if self.runner.sudo and self.runner.sudo_user != 'root':
|
||||||
|
self.runner._low_level_exec_command(conn, "chmod a+r %s" % xfered,
|
||||||
|
tmp)
|
||||||
# run the copy module, queue the file module
|
# run the copy module, queue the file module
|
||||||
self.runner.module_args = "%s src=%s dest=%s" % (self.runner.module_args, xfered, dest)
|
self.runner.module_args = "%s src=%s dest=%s" % (self.runner.module_args, xfered, dest)
|
||||||
return self.runner._execute_module(conn, tmp, 'copy', self.runner.module_args, inject=inject).daisychain('file')
|
return self.runner._execute_module(conn, tmp, 'copy', self.runner.module_args, inject=inject).daisychain('file')
|
||||||
|
|
Loading…
Reference in a new issue